Big savings, Better ROI! Exclusive discounts on ManageEngine Products!* Boost your business *T&C apply
    Click here to shrink
    Click here to expand Click here to expand

    Attack Surface Analyzer for AD

    The Attack Surface Analyzer for AD is equipped with over 25 exclusive reports that help you spot various AD attacks. All AD domains configured for auditing in ADAudit Plus are automatically added for attack surface analysis.

    The different attacks that you can detect using ADAudit Plus' Attack Surface Analyzer for on-premises AD are listed below:

    • Pass the ticket
    • Pass the hash
    • DCShadow
    • DCSync
    • AdminSDHolder ACL tampering
    • RID hijacking
    • AS-REP roasting
    • Kerberoasting
    • Recent use of default admin
    • Shadow admin
    • Primary Group ID
    • Golden Ticket
    • Silver Ticket
    • Security log killer
    • PowerShell script block logging
    • Constrained delegation
    • Unconstrained delegation
    • Password extraction
    • Password spray
    • Reversible password encryption
    • Plaintext password in GPO
    • Brute-force password detection
    • Brute-force username detection
    • DSRM password change
    • DNS admin escalation
    • Suspicious process
    • Remote thread
    • Ransomware attack

    To access the Attack Surface Analyzer for AD:

    1. Log in to the ADAudit Plus web console.
    2. Navigate to the Active Directory tab > Attack Surface Analyzer.
    3. General Settings under the Admin tab

    Don't see what you're looking for?

    •  

      Visit our community

      Post your questions in the forum.

       
    •  

      Request additional resources

      Send us your requirements.

       
    •  

      Need implementation assistance?

      Try onboarding

       

    On this page

    Get download link